Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infect with malware


  • Please log in to reply
21 replies to this topic

#1 vjdetling

vjdetling

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 18 October 2012 - 05:47 PM

My Acer Aspire laptop is starting to exhibit some of the problems that my Dell Vista (one of the other computers on my network) was experiencing before I had the Dell system wiped and put back on – including blue screens, and messages such as “Host process for windows services stopped working and was closed” and “a malfunctioning or malicious add-on has caused Internet Explorer to close this website” So far the internet on the laptop just turns itself off and then back on – but that was the pattern with the Dell too, finally ending up with the internet not working at all.
Tomorrow I’m taking the computer for a virus check plus removalin case the problem is being caused by a virus that Norton Internet Security hasn’t caught. (I’ve been very careful to keep the laptop off the network, so the Dell wouldn’t get reinfected). If it’s not a virus, I can use Norton Ghost to take the laptop system back to a time this summer when I was not getting these messages.
If this doesn’t work, I don’t know what to do. I did quite a bit of Google research on the “host process” malware when I was having this problem with the Dell and never found anything very useful. The Acer laptop is too old to get Recovery Disks and the original factory default copy of the system I made no longer works because a key exe file got deleted.
Someone suggested that Facebook might be a culprit in downloading malware with their apps. I do use Facebook (downloading some pictures) and play one of the games, Words with Friends, but I’ve never intentionally downloaded any of their aps – nevertheless I don’t use the Dell to get on Facebook anymore. It works now but defintely has some wounds.
I’ll get back to this website as soon as I get the virus check and possible return to a fomer system. If anyone has other suggestions for removing the malware or keeping it off, please let me know.

VJ Detling

[/left]

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 19 October 2012 - 11:17 AM

Thank you Aso post this..

Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 20 October 2012 - 04:55 PM

My laptop is being scanned at Staples right now. Should be back by Sunday. Then I’ll download the MiniToolBox and Junkware Removal Tool.
Thanking you in advance for your help,
vjdetling

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 21 October 2012 - 06:18 PM

OK,will look back.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 23 October 2012 - 09:14 AM

Staples still has my laptop. I guess they had difficulty scanning it and are trying another program. Hopefull I'll get it back today or tomorrow.

VJ Detling

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 23 October 2012 - 09:16 PM

Well I should hope after all that it does come back clean :)
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 24 October 2012 - 02:02 PM

I downloaded the Tool box was unable to run it. God error message "A device attached to this system is not functioning." I can use Norton Ghostto take the system back to this summer when I was not having all these problems with the computer.
I did get the second item you mentioned, the Juntware Removal kit and will try to download the text.

3:00 PM 10/24/2012Junkware Removal Tool (JRT) by Thisisu
Version: 2.0.6 (10.24.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Valerie on Wed 10/24/2012 at 13:33:51.08
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services:

Successfully stopped: [SERVICE] MyWebSearchService
Successfully deleted: [SERVICE] MyWebSearchService



*** Registry Values:

Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{07b18ea9-a523-4961-b6bb-170de4475cca}
Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{07b18ea9-a523-4961-b6bb-170de4475cca}



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduit"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduitsearchscopes"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\conduit"
Successfully deleted: [KEY] "hkey_local_machine\software\conduit"
Successfully deleted: [KEY] "hkey_local_machine\software\freeze.com"
Successfully deleted: [KEY] hkey_classes_root\clsid\{00a6faf1-072e-44cf-8957-5838f569a31d}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{00a6faf1-072e-44cf-8957-5838f569a31d}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{00a6faf1-072e-44cf-8957-5838f569a31d}
Successfully deleted: [KEY] hkey_classes_root\clsid\{07b18ea1-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{07b18ea1-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{07b18ea1-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{07b18ea1-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_classes_root\clsid\{07b18ea9-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{07b18ea9-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_classes_root\interface\{07b18eac-a523-4961-b6bb-170de4475cca}
Successfully deleted: [KEY] hkey_classes_root\clsid\{08858af6-42ad-4914-95d2-ac3ab0dc8e28}
ERROR: The system was unable to find the specified registry key or value.
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{097b0235-5328-4f1d-ac13-6ed56811cfef}
Successfully deleted: [KEY] hkey_classes_root\interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}
Successfully deleted: [KEY] hkey_classes_root\clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}
ERROR: The system was unable to find the specified registry key or value.
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\toolbar\{2cb70935-c5d6-46a5-8785-4f5ecbf25a6f}
Successfully deleted: [KEY] hkey_classes_root\interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [KEY] hkey_classes_root\interface\{3e720453-b472-4954-b7aa-33069eb53906}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{56256a51-b582-467e-b8d4-7786eda79ae0}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{56256a51-b582-467e-b8d4-7786eda79ae0}
Successfully deleted: [KEY] hkey_classes_root\interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}
Successfully deleted: [KEY] hkey_classes_root\interface\{7473d298-b7bb-4f24-ae82-7e2ce94bb6a9}
Successfully deleted: [KEY] hkey_classes_root\interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2}
Successfully deleted: [KEY] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}
Successfully deleted: [KEY] hkey_classes_root\interface\{aaa9c380-e19a-4436-88f6-02942c31cc9e}
Successfully deleted: [KEY] hkey_classes_root\interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}
Successfully deleted: [KEY] hkey_classes_root\interface\{db507187-9746-458c-97da-c458131eede7}
Successfully deleted: [KEY] hkey_classes_root\interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}
Successfully deleted: [KEY] hkey_classes_root\interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612}
Successfully deleted: [KEY] hkey_classes_root\interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}



*** Files:

Successfully deleted: [FILE] C:\Users\Valerie\Local Settings\Application Data\visi_coupon\merchants.dat
Successfully deleted: [FILE] C:\Users\Valerie\Local Settings\Application Data\visi_coupon\merchants.dat2
Successfully deleted: [FILE] C:\Program Files\conduit\community alerts\Alert.dll
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\CHROME.MANIFEST
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3BKGERR.JPG
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3CJPEG.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3DTACTL.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3HISTSW.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3HKSTUB.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3HTMLMU.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3HTTPCT.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3IMSTUB.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3POPSWT.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3PSSAVR.SCR
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3REGHK.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3REPROX.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3RESTUB.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3SCHMON.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3SCRCTR.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3SPACER.WMV
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3WALLPP.DAT
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\F3WPHOOK.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\FWPBUDDY.PNG
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\INSTALL.RDF
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3AUXSTB.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3DLGHK.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3FFTBPR.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3HIGHIN.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3HTML.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3IDLE.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3IMPIPE.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3MEDINT.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3MSG.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3OUTLCN.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3PATCH.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3PLUGIN.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3SKIN.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3SKPLAY.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3SLSRCH.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3SRCHMN.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3TPINST.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\M3UNPAT.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSBAR.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSMLBTN.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSOEMON.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSOEPLG.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSOESTB.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSSVC.EXE
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\MWSUABTN.DLL
Successfully deleted: [FILE] C:\Program Files\mywebsearch\bar\2.bin\NPMYWEBS.DLL



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Valerie\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\Valerie\appdata\locallow\conduit"
Successfully deleted: [FOLDER] "C:\Program Files\conduit"
Successfully deleted: [FOLDER] "C:\Program Files\free offers from freeze.com"
Successfully deleted: [FOLDER] "C:\Program Files\funwebproducts"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files\mywebsearch"



*** Ask Toolbar Cleanup:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/24/2012 at 14:16:35.30
End of Report

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 24 October 2012 - 08:16 PM

Ok, I think you have to do that to get the device running again.

I see they didnt bother to clean anything off,,,

This \mywebsearch may still have leftovers..we should run these also/....

TDSS Alt

Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner



Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.


    ESET ONLINE






    Finally,I'd like us to scan your machine with ESET OnlineScan
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the Posted Image button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the Posted Image
        icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 24 October 2012 - 09:45 PM

Not quite finised downloading and running the aps but wanted to post the text file for one of them will I could still find it. (By the way Staples never got to thernf of their scans and so didn't find anything.Here's the results for ADWCleaner:

# AdwCleaner v2.005 - Logfile created 10/24/2012 at 22:26:25
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Valerie - VALERIE-PCACER
# Boot Mode : Normal
# Running from : C:\Users\Valerie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6B21VIM\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Windows\system32\f3PSSavr.scr
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Valerie\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Valerie\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Valerie\Documents\ShopToWin

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3247201
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\MyWebSearch
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48" ]
Deleted [l.1004] : homepage = "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48",
Deleted [l.1221] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48" ]

*************************

AdwCleaner[S1].txt - [14354 octets] - [24/10/2012 22:26:25]

########## EOF - C:\AdwCleaner[S1].txt - [14415 octets] ##########

#10 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 25 October 2012 - 08:34 AM

Here is the file results for ESETScan. It found quite a few viruses. I missed some of the directions you gave including o "Click Advanced settings and select the following:
 Scan potentially unwanted applications
 Scan for potentially unsafe applications
 Enable Anti-Stealth technology
and am wondering if I should run the scan again."

# AdwCleaner v2.005 - Logfile created 10/24/2012 at 22:26:25
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Valerie - VALERIE-PCACER
# Boot Mode : Normal
# Running from : C:\Users\Valerie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6B21VIM\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Windows\system32\f3PSSavr.scr
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Valerie\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Valerie\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Valerie\Documents\ShopToWin

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3247201
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\MyWebSearch
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48" ]
Deleted [l.1004] : homepage = "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48",
Deleted [l.1221] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3247201&SearchSource=48" ]

*************************

AdwCleaner[S1].txt - [14354 octets] - [24/10/2012 22:26:25]

########## EOF - C:\AdwCleaner[S1].txt - [14415 octets] ##########

#11 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 25 October 2012 - 10:16 AM

I just tried running the ToolBox again and didn't get an error message. Am posting it here. At this point I've gone through all the apps in your directions. If I missed send you one, please let me know and I'll send it:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Valerie (administrator) on 25-10-2012 at 11:10:44
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Sierra Wireless AC595U 1xEV-DO Network Adapter = Local Area Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.0.1
add address name="Local Area Connection 3" address=192.168.0.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Valerie-PCAcer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter Sprint Mobile Broadband - Sierra Wireless:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Sprint Mobile Broadband - Sierra Wireless
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 107.45.146.244(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 66.1.32.132
66.1.32.133
NetBIOS over Tcpip. . . . . . . . : Disabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-19-7E-9F-5F-A6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7a:aca5:beda:776e%49(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.119.110(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : fe80::28a0:96b7:4471:3d48%49
DHCPv6 IAID . . . . . . . . . . . : 939530622
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-12-54-AC-00-1B-24-61-AE-B2
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Sierra Wireless AC595U 1xEV-DO Network Adapter #2
Physical Address. . . . . . . . . : 00-A0-D5-FF-FF-85
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : staples.com
Description . . . . . . . . . . . : Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1B-24-61-AE-B2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{3A39E39E-9FA7-4209-9BB9-4F463412AD5D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.staples.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 31:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 32:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7F1EEEA3-DB97-4C37-8329-56B78261CAFD}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 34:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 40:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 41:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 42:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #15
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 43:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{6D4AEC38-5941-461A-BA7A-9279255CAED2}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 45:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #21
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 47:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:6b2d:92f4::6b2d:92f4(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 66.1.32.132
66.1.32.133
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 66.1.32.132

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:4009:802::1003
74.125.225.110
74.125.225.105
74.125.225.102
74.125.225.96
74.125.225.99
74.125.225.100
74.125.225.101
74.125.225.97
74.125.225.98
74.125.225.103
74.125.225.104



Pinging google.com [74.125.225.110] with 32 bytes of data:

Reply from 74.125.225.110: bytes=32 time=117ms TTL=50

Reply from 74.125.225.110: bytes=32 time=104ms TTL=50



Ping statistics for 74.125.225.110:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 104ms, Maximum = 117ms, Average = 110ms

Server: ns1.akronohar05.spcsdns.net
Address: 66.1.32.132

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=139ms TTL=46

Reply from 98.139.183.24: bytes=32 time=149ms TTL=46



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 139ms, Maximum = 149ms, Average = 144ms

Server: ns1.akronohar05.spcsdns.net
Address: 66.1.32.132

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 10.156.32.197: Destination host unreachable.

Reply from 10.156.32.197: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
65 ........................... Sprint Mobile Broadband - Sierra Wireless
49 ...00 19 7e 9f 5f a6 ...... Atheros AR5007EG Wireless Network Adapter
20 ...00 a0 d5 ff ff 85 ...... Sierra Wireless AC595U 1xEV-DO Network Adapter #2
8 ...00 1b 24 61 ae b2 ...... Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
9 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
26 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
11 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
18 ...00 00 00 00 00 00 00 e0 isatap.{3A39E39E-9FA7-4209-9BB9-4F463412AD5D}
13 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
19 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
52 ...00 00 00 00 00 00 00 e0 isatap.staples.com
37 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
31 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
27 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
29 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
30 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
50 ...00 00 00 00 00 00 00 e0 isatap.{7F1EEEA3-DB97-4C37-8329-56B78261CAFD}
33 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
35 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
39 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
40 ...00 00 00 00 00 00 00 e0 isatap.{8AB3BEF6-828E-4B62-8FB9-60C3E39E1518}
64 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #15
51 ...00 00 00 00 00 00 00 e0 isatap.{6D4AEC38-5941-461A-BA7A-9279255CAED2}
66 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #21
53 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 107.45.146.244 51
107.45.146.244 255.255.255.255 On-link 107.45.146.244 306
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
169.254.0.0 255.255.0.0 On-link 169.254.119.110 4506
169.254.119.110 255.255.255.255 On-link 169.254.119.110 4506
169.254.255.255 255.255.255.255 On-link 169.254.119.110 4506
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 169.254.119.110 4506
224.0.0.0 240.0.0.0 On-link 107.45.146.244 51
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 169.254.119.110 4506
255.255.255.255 255.255.255.255 On-link 107.45.146.244 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
53 1150 ::/0 2002:c058:6301::c058:6301
49 281 ::/0 fe80::28a0:96b7:4471:3d48
1 306 ::1/128 On-link
53 1050 2002::/16 On-link
53 306 2002:6b2d:92f4::6b2d:92f4/128
On-link
49 281 fe80::/64 On-link
49 281 fe80::7a:aca5:beda:776e/128
On-link
1 306 ff00::/8 On-link
49 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/25/2012 10:42:17 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_HPSLPSVC, version 6.0.6001.18000, time stamp 0x47918b89, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x4c4, application start time 0xsvchost.exe_HPSLPSVC0.

Error: (10/24/2012 10:38:14 PM) (Source: RasClient) (User: )
Description: CoId={F49D8F59-431F-440F-B4E3-ACDEA447CD96}: The user Valerie-PCAcer\Valerie dialed a connection named Sprint Mobile Broadband - Sierra Wireless which has failed. The error code returned on failure is 0.

Error: (10/24/2012 09:03:52 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_HPSLPSVC, version 6.0.6001.18000, time stamp 0x47918b89, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x6d736f74,
process id 0xf50, application start time 0xsvchost.exe_HPSLPSVC0.


System errors:
=============
Error: (10/25/2012 10:49:35 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (10/25/2012 10:43:30 AM) (Source: Service Control Manager) (User: )
Description: HP Network Devices Support1

Error: (10/25/2012 10:40:30 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (10/25/2012 10:22:17 AM) (Source: DCOM) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (10/25/2012 10:19:56 AM) (Source: Service Control Manager) (User: )
Description: eSettings Serviceint15%%2

Error: (10/25/2012 10:19:56 AM) (Source: Service Control Manager) (User: )
Description: int15%%2

Error: (10/25/2012 10:19:56 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/24/2012 10:38:27 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (10/24/2012 10:38:27 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (10/24/2012 10:32:43 PM) (Source: Service Control Manager) (User: )
Description: dlbc_device1


Microsoft Office Sessions:
=========================
Error: (10/25/2012 10:42:17 AM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.0.6001.1800047918b89unknown0.0.0.000000000c0000005000000004c401cdb2bbdb74fa86

Error: (10/24/2012 10:38:14 PM) (Source: RasClient)(User: )
Description: {F49D8F59-431F-440F-B4E3-ACDEA447CD96}Valerie-PCAcer\ValerieSprint Mobile Broadband - Sierra Wireless0

Error: (10/24/2012 09:03:52 PM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.0.6001.1800047918b89unknown0.0.0.000000000c00000056d736f74f5001cdb205482b1d7f


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 1.0.0)
7-zip v9.20 (Version: v9.20)
Acer Arcade Deluxe (Version: 1.0.3605a)
Acer Assist
Acer eDataSecurity Management (Version: 2.5.3032)
Acer eLock Management (Version: 2.5.3006)
Acer Empowering Technology (Version: 2.5.3005)
Acer eNet Management (Version: 2.6.3002)
Acer ePower Management (Version: 2.5.3007)
Acer ePresentation Management (Version: 2.5.3003)
Acer eSettings Management (Version: 2.5.3004)
Acer GridVista (Version: 2.61.102)
Acer Mobility Center Plug-In (Version: 1.0.3003)
Acer Registration
Acer ScreenSaver (Version: 1.00.0000)
Acer Tour (Version: 1.1.3007)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Type Manager 4.0
Agere Systems HDA Modem
AnalogX Proxy
Apple Mobile Device Support (Version: 1.1.4.7)
Apple Software Update (Version: 2.1.1.116)
Avanquest Perfect Image 12 Trial (Version: 90.00.0003)
AVS Audio Recorder version 3.9
AVS YouTube Uploader version 2.1
AVS4YOU Software Navigator 1.3
Bing Bar (Version: 7.1.391.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 1.0.104)
BufferChm (Version: 90.0.146.000)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
Clip Art Collection (Version: 1.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CustomerResearchQFolder (Version: 1.00.0000)
D7400 (Version: 90.0.189.000)
D7400_doccd (Version: 90.0.189.000)
D7400_Help (Version: 90.0.189.000)
Defraggler (Version: 2.10)
Dell Photo Printer 720
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
ffdshow (remove only)
getPlus® for Adobe (Version: 1.5.2.29)
Google Chrome (Version: 22.0.1229.94)
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 22.50.231.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photo Creations (Version: 1.0.0.3781)
HP Photosmart Essential (Version: 1.9.0.9)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Photosmart Printer Software 9.0 (Version: 9.0)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 5.002.006.003)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 7.6.2.9)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Jenkat Games Arcade (Version: )
Jewel Match (remove only)
KRISTAL Audio Engine
Launch Manager
LightScribe 1.4.136.1 (Version: 1.4.136.1)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft UI Engine (Version: 6.3.2380.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetDeviceManager (Version: 90.0.146.000)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
Norton Bootable Recovery Tool Wizard (Version: 4.5.0.34)
Norton Ghost (Version: 14.0.0.24815)
Norton Internet Security (Version: 19.9.0.9)
Norton PC Checkup (Version: 2.0.17.20)
Norton PC Checkup (Version: 3.0.2.122.0)
NTI Backup NOW! 4.7 (Version: 4)
NTI CD & DVD-Maker (Version: 7)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PanoStandAlone (Version: 90.0.146.000)
Playalot Games (Version: 1.0.0)
PowerProducer
PS_SF_02_ProductContext (Version: 90.0.189.000)
PS_SF_02_Software (Version: 90.0.189.000)
PS_SF_02_Software_min (Version: 90.0.189.000)
PSSWCORE (Version: 2.01.0000)
QuickTime (Version: 7.4.5.67)
Realtek High Definition Audio Driver (Version: 6.0.1.5413)
Safari (Version: 3.525.13.3)
Scrapbook Factory Deluxe 4.0 (Version: 4.0.0.9)
Serif PhotoManager 1.0
Serif PhotoPlus X2 (Version: 12.0.0.008)
Skype™ 5.10 (Version: 5.10.116)
SolutionCenter (Version: 90.0.146.000)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Sprint Mobile Broadband (Sierra) (Version: 3.05.004)
Status (Version: 90.0.146.000)
Synaptics Pointing Device Driver (Version: 9.1.0.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.22.0000)
TIPCI (Version: 1.22.0000)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
USB2.0 UVC WebCam (Version: 5.9.5.7)
VideoToolkit01 (Version: 90.0.146.000)
WebReg (Version: 90.0.146.000)
Win Tuner (Version: 1.00.07.07.18)
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 2037.43 MB
Available physical RAM: 718.24 MB
Total Pagefile: 4318.13 MB
Available Pagefile: 2713.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1961.23 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:70.77 GB) (Free:9.51 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:70.47 GB) (Free:38.89 GB) NTFS

========================= Users: ========================================

User accounts for \\VALERIE-PCACER

Administrator Guest Troubleshootng
Valerie


**** End of log ****

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 25 October 2012 - 08:15 PM

How is it running now.. Plaese run ESET with the options so I kow we left nothing.
Then we have some updates to do/
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 26 October 2012 - 09:53 PM

I just finished rescanning with ESET. It didn't find any additional threats. The computer is doing a lot better. I did get one malware message but it didn't turn off the internet.

JV Detling

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:58 PM

Posted 26 October 2012 - 10:11 PM

Lets do a last Quick scan

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u9-windows-i586.exe (or jre-7u9-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly update Adobe Reader and Flash Player..

http://get.adobe.com/reader/
http://get.adobe.com/flashplayer/

Note UN check the box so you do not install the toolbar,unless you really want it..

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 vjdetling

vjdetling
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 27 October 2012 - 05:31 PM

I’m looking at the Java download and don’t quite get it. I assume the OS is Windows but I don’t see windows 32 –just Windows x86 and Windows X64. Where do I find Windows 32?

I did run the Malware scan – didn’t find any more malware. Here’s the contents of the log:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.27.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Valerie :: VALERIE-PCACER [administrator]

Protection: Enabled

10/27/2012 4:49:46 PM
mbam-log-2012-10-27 (16-49-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 282408
Time elapsed: 1 hour(s), 16 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users